Apps under scanner after data exposed
In its recent report, Appthority, a mobile security firm identified iOS and Android mobile applications as 113 GB data lost privacy when over 2,271 Firebase databases misconfigured in the entire episode.
Stunned by the disturbing revelations, the premier mobile security firm was quick to scan nearly 3 million apps within a short spell of five months.
The apps being scanned, mostly, stored the sensitive data in the Firebase system which virtually proved unsafe and unsecured. The experts deployed in the task identified 28,502 apps where users’ data were stored before being leaked.
Of these, 1,275 apps are iOS while the remaining 27,227 others are Android. The mobile security firm experts jumped into the revelations of sensitive data leakage during the investigation as they examined the Firebase connected apps in JSON URLs allowing the unauthorized parties to look at the apps and the data stored in these.
Only then they confirmed that more than 100 million user data records stood exposed. The Appthority report suggests leakage of as many as 113 GBs information during this period.
These are, precisely, 5 million records of GPS location, over 50,000 records of financial transactions which include payment, banking, and Bitcoin transactions.
These are apart from nearly 4.5 million records available on Facebook, LinkedIn, 3 million passwords and usernames, over 4 million records of protected health information—all sensitive.
The researchers engaged in the task, further, claimed to have learned that more popular Apps are hovering around the risky scene these days as the Android versions of the apps in question were downloaded in millions of attempts from the Google play store
. Just before leaving the recent findings to the public domain, Appthority brought these stunning facts and figures to the notice of Google providing the top search engine on the planet the details of the apps in question.
A similar episode took place in 2017 where a report revised the leakage of 43TBs user data with 1,000 Apps that functioned under some back-end servers which include CouchDB, Elasticsearch, MySQL and MongoDB
from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/2trAJ7k